Home   News   Features   Interviews   Magazine Archive   Industry Awards  
Subscribe
Securites Lending Times logo
Leading the Way

Global Asset Servicing News and Commentary
≔ Menu
Securites Lending Times logo
Leading the Way

Global Asset Servicing News and Commentary
News by section
Subscribe
⨂ Close
  1. Home
  2. Industry news
  3. Cordium: Most financial firms are not prepared for GDPR
Industry news

Cordium: Most financial firms are not prepared for GDPR


25 April 2018 London
Reporter: Jenna Lomax

Generic business image for news article
Image: Shutterstock
With only 30 days until implementation, more than 50 percent of investment firms globally are unlikely to be ready for the European Union’s new General Data Protection Regulation (GDPR), according to a Cordium and AmberGate survey.

Designed to benchmark investment management firms’ readiness for GDPR, the survey revealed a lack of preparedness in advance of the regulation implementation date.

Only 2 percent of surveyed firms had finished putting GDPR policies and procedures in place, while 59 percent of firms said they were unprepared to comply with the required 72-hour window to report a personal breach to regulators.

A further 64 percent said they were unprepared to respond to an exercise of data subject rights.

The EU’s GDPR comes into effect on 25 May and introduces a set of data privacy and security requirements on firms, with potential global reach.

Michael Corcione, managing director, cybersecurity and data protection consulting services at Cordium, said: “Companies that have not yet started their GDPR programme—or those still at the early stages—expose themselves to significant compliance and reputational risk.”

He added: “Lack of readiness is due to a failure by firms to understand their exposure to the regulation, as well as the second Markets in Financial Instruments Directive’s (MiFID II) earlier deadline, leaving GDPR to fall down the priority list. With just a four-week window firms should be practicing these procedures, not defining them.”

Robert Baugh, founder and CEO at AmberGate, said: “The lack of GDPR preparedness in the industry is concerning, particularly given the risk of regulatory action and the potential impact to a firm’s reputation.”

He added: “Many firms will now need to divert significant resource and time to the project—there is clearly still much to do across most organisations. Firms will face growing pressure from an internal governance perspective, from investors, and from regulators likely to take an increasingly firm stance on the issue.”
← Previous industry article

SWIFT panel: Innovation in UK is too slow
NO FEE, NO RISK
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times
Advertisement
Subscribe today
Knowledge base

Explore our extensive directory to find all the essential contacts you need

Visit our directory →

Discover definitions, explanations and related news articles in our glossary

Visit our glossary →